SPACE 2016

Workshop / Tutorials


14 December 2016

Side-channel attacks on PKC (Abstract)
Lejla Batina, Radboud University, Netherlands
Sponge-based cryptography(Abstract)
Joan Daemen, Radboud University, Netherlands

15 December 2016

Elliptic Curve Cryptography and Isogeny-based Cryptography(Abstract)
Craig Costello, Microsoft Research, USA
Fault Injection Attacks: Attack Methodologies, Injection Techniques and Protection Mechanisms(Abstract)
Shivam Bhasin, Nanyang Technical University, Singapore
Debdeep Mukhopadhyay, Indian Institute of Technology at Kharagpur, India

Abstracts

Side-channel attacks on PKC
Lejla Batina, Radboud University, Netherlands
Abstract: We give an introduction to physical attacks, in particular to passive attacks exploiting leakages of secret data from power consumption or EM emanations. Several issues such as leakage models, attack scenarios and countermeasures are outlined. We focus on public-key cryptosystems and their specifics with side-channel attacks and countermeasures. Recent attacks such as horizontal and online template attacks (OTA) are described and their experimental demonstrations on elliptic-curve cryptosystems are presented.
Sponge-based cryptography
Joan Daemen, Radboud University, Netherlands
Abstract: Keccak, the winner of the SHA-3 competition, has at its core a permutation and uses this in a mode that is known as the sponge construction. Previous hash standards, from MD5 to SHA-2, all had at its core a block-cipher like primitive. Similarly, block ciphers have also been at the core of encryption, MAC computation and authenticated encryption schemes since the introduction of DES in the seventies. Recently, in the slipstream of Keccak, permutation-based alternatives have been proposed for all these cryptographic services. It turns out that they are at the same time more efficient and more elegant. In this tutorial we will give an introduction to unkeyed (sponge and SHA-3) and keyed (full-state keyed duplex and Keyak) permutation-based modes.
Elliptic Curve Cryptography and Isogeny-based Cryptography
Craig Costello, Microsoft Research, USA
Abstract: Elliptic curves have reigned supreme as a foundation for classical public-key cryptography due to the exponential hardness of the elliptic curve discrete logarithm problem (ECDLP). The gap between the hardness of the ECDLP and the subexponential hardness of problems like integer factorization and finite field discrete logarithms ultimately means that public-key cryptography based on elliptic curves is much faster and much more compact than its alternatives. The first half of this tutorial will give a gentle introduction to elliptic curve cryptography (ECC).
All of the above classically difficult problems (including the ECDLP) become easy in the presence of a large-scale quantum computer. Thus, cryptographers are currently examining a range of new foundations that are believed to offer security against quantum adversaries. Interestingly, elliptic curves have also surfaced as a promising foundation in the post-quantum space, in particular in the realm of isogeny-based key exchange. The second half of this tutorial will give a gentle introduction to isogenies and their role in providing post-quantum primitives.
Fault Injection Attacks: Attack Methodologies, Injection Techniques and Protection Mechanisms
Shivam Bhasin, Nanyang Technical University, Singapore
Debdeep Mukhopadhyay, Indian Institute of Technology at Kharagpur, India
Abstract: Fault Injection Attacks are a powerful form of active attack mechanism which can threaten even the strongest of cryptographic algorithms. This attack vector has become more pertinent with the growing popularity of the Internet of things (IoT), which is based on small omnipresent embedded systems interacting with sensitive data of personal or critical nature. This tutorial addresses this issue of fault attacks, covering a wide range of topics which has accumulated through years of research. The first part of the talk will cover fault attacks and its application to attack standard cryptosystems. Different popular forms of fault attacks, namely Differential Fault Attacks (DFA) and Differential Fault Intensity Attacks (DFIA) are presented. It is followed subsequently by a discussion on the underlying injection techniques. Finally, protection mechanism will be discussed highlighting on information redundancy based reactive countermeasures and sensor-based protection mechanisms as two alternative strategies for security against the menacing fault attacks.

SPACE 2016 Home